diff options
-rw-r--r-- | .SRCINFO | 8 | ||||
-rw-r--r-- | PKGBUILD | 13 | ||||
-rw-r--r-- | arpon-syslog.patch | 319 | ||||
-rw-r--r-- | arpon.service | 2 | ||||
-rw-r--r-- | arpon.service.conf | 2 |
5 files changed, 335 insertions, 9 deletions
@@ -1,7 +1,7 @@ pkgbase = arpon-ng pkgdesc = Prevents MITM attacks on the Address Resolution Protocol (ARP) pkgver = 3.0 - pkgrel = 1 + pkgrel = 2 url = http://arpon.sourceforge.net install = arpon-ng.install arch = i686 @@ -18,9 +18,11 @@ pkgbase = arpon-ng source = ArpON-3.0-ng.tar.gz::https://sourceforge.net/projects/arpon/files/arpon/ArpON-3.0-ng.tar.gz/download source = arpon.service source = arpon.service.conf + source = arpon-syslog.patch md5sums = a89ef9bc18e6f0fc9aa8a89aa676a281 - md5sums = 3630b18dc67f9133acc8e3615462e341 - md5sums = 01432a91eaa5f9c2a9fc490ebc7b300d + md5sums = SKIP + md5sums = SKIP + md5sums = SKIP pkgname = arpon-ng @@ -2,7 +2,7 @@ pkgname=arpon-ng pkgver=3.0 -pkgrel=1 +pkgrel=2 pkgdesc="Prevents MITM attacks on the Address Resolution Protocol (ARP)" arch=('i686' 'x86_64') url="http://arpon.sourceforge.net" @@ -15,15 +15,18 @@ backup=('etc/arpon.conf' 'etc/conf.d/arpon') install="${pkgname}.install" source=("ArpON-${pkgver}-ng.tar.gz::https://sourceforge.net/projects/arpon/files/arpon/ArpON-${pkgver}-ng.tar.gz/download" 'arpon.service' - 'arpon.service.conf') + 'arpon.service.conf' + 'arpon-syslog.patch') md5sums=('a89ef9bc18e6f0fc9aa8a89aa676a281' - '3630b18dc67f9133acc8e3615462e341' - '01432a91eaa5f9c2a9fc490ebc7b300d') + 'SKIP' + 'SKIP' + 'SKIP') prepare() { cd "ArpON-${pkgver}-ng" - mkdir -p build + patch -p1 < ../arpon-syslog.patch sed -i -e 's:/sbin:/usr/bin:g' src/CMakeLists.txt README + mkdir -p build } build() { diff --git a/arpon-syslog.patch b/arpon-syslog.patch new file mode 100644 index 000000000000..98aa6eaf429d --- /dev/null +++ b/arpon-syslog.patch @@ -0,0 +1,319 @@ +commit 120264d7527da51b0caf46af9b62a79692cd3d46 +Author: Adrian Günter <adrian@gntr.me> +Date: Tue Mar 21 06:43:29 2017 +0000 + + Convert log file functionality to syslog + +diff --git a/cmake/modules/FindHeaders.cmake b/cmake/modules/FindHeaders.cmake +index 3a49e61..ded547f 100644 +--- a/cmake/modules/FindHeaders.cmake ++++ b/cmake/modules/FindHeaders.cmake +@@ -156,6 +156,11 @@ if(NOT HAVE_ASSERT_H) + message(FATAL_ERROR "Could not find assert.h!") + endif(NOT HAVE_ASSERT_H) + ++check_include_file(syslog.h HAVE_SYSLOG_H) ++if(NOT HAVE_SYSLOG_H) ++ message(FATAL_ERROR "Could not find syslog.h!") ++endif(NOT HAVE_SYSLOG_H) ++ + # + # EOF + # +diff --git a/src/main.c b/src/main.c +index 7045a13..42c96d3 100644 +--- a/src/main.c ++++ b/src/main.c +@@ -33,6 +33,7 @@ + + #include <stdio.h> + #include <stdbool.h> ++#include <syslog.h> + + #include "dmn.h" + #include "env.h" +@@ -49,6 +50,8 @@ + int + main(int argc, char **argv, char **envp) + { ++ /* Initialize syslog. */ ++ openlog("arpon", LOG_CONS | LOG_PID | LOG_NDELAY, LOG_DAEMON); + + /* Audit the environment. */ + env_audit(argv, envp); +diff --git a/src/msg.c b/src/msg.c +index 77ee70d..292b1c7 100644 +--- a/src/msg.c ++++ b/src/msg.c +@@ -42,6 +42,7 @@ + #include <errno.h> + #include <assert.h> + #include <pthread.h> ++#include <syslog.h> + + #include "config.h" + #include "exit.h" +@@ -59,22 +60,9 @@ + #define MSG_MESSAGESIZE 512 /* 512 bytes. */ + + /* +- * Log file permissions to 640. +- */ +-#define MSG_LOGPERMS S_IRUSR | S_IWUSR | S_IRGRP +- +-/* + * Function prototypes not exported. + */ +-static void msg_init(void); +-static void msg_destroy(void); + static void msg_gettimestamp(char *ts); +-static void msg_putmessage(FILE *stream, const char *msg); +- +-/* +- * Initialize the log file stream. +- */ +-static FILE *log = NULL; + + /* + * Initialize the message mutex. +@@ -82,7 +70,7 @@ static FILE *log = NULL; + static pthread_mutex_t msg_mtx = PTHREAD_MUTEX_INITIALIZER; + + /* +- * Initialize the log file stream and print the message with logging. ++ * Print the message. + * The syntax of each message is: + * + * timestamp1 [log level] message1 +@@ -98,16 +86,31 @@ msg(FILE *stream, const char *level, const char *fmt, ...) + char ts[MSG_TIMESTAMPSIZE], msg[MSG_MESSAGESIZE]; + va_list ap; + int len1, len2, tot_len = MSG_MESSAGESIZE; ++ int syslog_lvl; + + /* Lock the mutex of the message. */ + if (pthread_mutex_lock(&msg_mtx) != 0) + break; + +- /* Log file stream of the messages already initialized and open? */ +- if (log == NULL) { +- /* Initialize the log file stream of the messages. */ +- msg_init(); +- } ++ if (strcmp(level, "ERROR") == 0) ++ syslog_lvl = LOG_ERR; ++ else if (strcmp(level, "WARN") == 0) ++ syslog_lvl = LOG_WARNING; ++ else if (strcmp(level, "INFO") == 0) ++ syslog_lvl = LOG_INFO; ++ else if (strcmp(level, "DEBUG") == 0) ++ syslog_lvl = LOG_DEBUG; ++ else if (strcmp(level, "BUG") == 0) ++ syslog_lvl = LOG_CRIT; ++ else ++ syslog_lvl = LOG_NOTICE; ++ ++ va_start(ap, fmt); ++ ++ /* Print the message to syslog. */ ++ vsyslog(syslog_lvl, fmt, ap); ++ ++ va_end(ap); + + /* Get the timestamp of the message. */ + msg_gettimestamp(ts); +@@ -139,125 +142,17 @@ msg(FILE *stream, const char *level, const char *fmt, ...) + /* No message truncated. */ + assert(tot_len > 0); + +- /* Print the message in the log file stream and the file stream. */ +- msg_putmessage(stream, msg); +- +- /* Unlock the mutex of the message. */ +- if (pthread_mutex_unlock(&msg_mtx) != 0) +- break; +- +- return; +- } while (0); +- +- ERROR("%s", strerror(errno)); +- exit(EXIT_FAILURE); +-} +- +-/* +- * Initialize the log file stream of the messages. +- */ +-static void +-msg_init(void) +-{ +- +- do { +- struct stat stats; +- bool UNUSED(logcreate) = false; +- +- /* Check if the log file exist. */ +- if (stat(LOG_FILE, &stats) < 0) { +- if (errno == ENOENT) { +- int fd; +- +- /* Create and open the log file with the 640 perms. */ +- if ((fd = open(LOG_FILE, O_CREAT, MSG_LOGPERMS)) < 0) +- break; +- +- /* Close the log file descriptor. */ +- if (close(fd) < 0) +- break; +- +- /* Call again. */ +- if (stat(LOG_FILE, &stats) < 0) +- break; +- +-#ifndef NDEBUG +- /* Log file created. */ +- logcreate = true; +-#endif /* !NDEBUG */ +- } else { +- break; +- } +- } +- +- /* Check if the log file is a regular file. */ +- if (S_ISREG(stats.st_mode) == 0) { +- ERROR("%s is not a regular file", LOG_FILE); +- exit(EXIT_FAILURE); +- } +- +- /* Fix the log file perms to 640. */ +- if (chmod(LOG_FILE, MSG_LOGPERMS) < 0) +- break; ++ /* Print the message in the file stream. */ ++ fprintf(stream, "%s", msg); + +- /* Open the log file stream to append. */ +- if ((log = fopen(LOG_FILE, "a")) == NULL) ++ /* Flush the file stream. */ ++ if (fflush(stream) == EOF) + break; + +-#ifndef NDEBUG + /* Unlock the mutex of the message. */ + if (pthread_mutex_unlock(&msg_mtx) != 0) + break; + +- /* Log file created? */ +- if (logcreate == true) +- MSG_DEBUG("Create %s with 640 perms successful", LOG_FILE); +-#endif /* !NDEBUG */ +- +- MSG_DEBUG("Open %s successful", LOG_FILE); +- MSG_DEBUG("Start logging"); +- +- /* Push msg_destroy() to be called on exit_cleanup(). */ +- exit_push(msg_destroy, "msg_destroy"); +- +-#ifndef NDEBUG +- /* Lock the mutex of the message. */ +- if (pthread_mutex_lock(&msg_mtx) != 0) +- break; +-#endif /* !NDEBUG */ +- +- return; +- } while (0); +- +- ERROR("%s", strerror(errno)); +- exit(EXIT_FAILURE); +-} +- +-/* +- * Destroy the log file stream of the messages. +- */ +-static void +-msg_destroy(void) +-{ +- +- do { +- /* Unlock the mutex of the message before the destruction. */ +- if (pthread_mutex_unlock(&msg_mtx) != 0) +- break; +- +- /* Log file stream of the messages already destroyed and closed? */ +- if (log != NULL) { +- MSG_DEBUG("End logging"); +- MSG_DEBUG("Close %s successful", LOG_FILE); +- +- /* Close the log file stream. */ +- if (fclose(log) == EOF) +- break; +- +- /* Set the log file stream to NULL. */ +- log = NULL; +- } +- + return; + } while (0); + +@@ -300,64 +195,6 @@ msg_gettimestamp(char *ts) + } + + /* +- * Put the message in the log file stream and the file stream. +- */ +-static void +-msg_putmessage(FILE *stream, const char *msg) +-{ +- +- do { +- struct stat stats; +- +- /* Check if the log file exist. */ +- if (stat(LOG_FILE, &stats) < 0) { +- if (errno == ENOENT) { +- /* Close the log file stream. */ +- if (fclose(log) == EOF) +- break; +- +- /* Set the log file stream to NULL. */ +- log = NULL; +- +- /* Re-initialize the log file stream. */ +- msg_init(); +- +- /* Call again. */ +- if (stat(LOG_FILE, &stats) < 0) +- break; +- } else { +- break; +- } +- } +- +- /* Check if the log file is a regular file. */ +- if (S_ISREG(stats.st_mode) == 0) { +- ERROR("%s is not a regular file", LOG_FILE); +- exit(EXIT_FAILURE); +- } +- +- /* Print the message in the log file stream. */ +- fprintf(log, "%s", msg); +- +- /* Flush the log file stream. */ +- if (fflush(log) == EOF) +- break; +- +- /* Print the message in the file stream. */ +- fprintf(stream, "%s", msg); +- +- /* Flush the file stream. */ +- if (fflush(stream) == EOF) +- break; +- +- return; +- } while (0); +- +- ERROR("%s", strerror(errno)); +- exit(EXIT_FAILURE); +-} +- +-/* + * EOF + * + * vim:ts=4:expandtab diff --git a/arpon.service b/arpon.service index aec8f198b815..612b8a47790f 100644 --- a/arpon.service +++ b/arpon.service @@ -8,6 +8,8 @@ EnvironmentFile=/etc/conf.d/arpon PIDFile=/run/arpon.pid ExecStart=/usr/bin/arpon $ARPON_OPTS ExecReload=/usr/bin/kill -HUP $MAINPID +StandardOutput=null +StandardError=null KillMode=process Restart=always diff --git a/arpon.service.conf b/arpon.service.conf index b3159121e756..a2138ef875dd 100644 --- a/arpon.service.conf +++ b/arpon.service.conf @@ -1,6 +1,6 @@ # Uncomment and modify ARPON_OPTS line below to the desired network interface # (-i,--interface) and ARP inspection mode (-S,--sarpi|-D,--darpi|-H,--harpi) -# before enabling and starting the systemd service. For more information +# before enabling and starting the systemd service. For more information # on interface and ARP inspection mode selection consult the arpon man page. # IMPORTANT: Do NOT set the daemon (-d,--daemon) option! |